Date: Wed, 26 Nov 2003 09:55:46 +0100 From: Ilya Varlashkin <ilya@samara.net> To: freebsd-sparc64@freebsd.org Subject: Can't use hostnames in snmpd.conf after upgrade to net-snmp 5.1 Message-ID: <20031126085546.GA59517@CITADEL.NOBULUS.COM>
next in thread | raw e-mail | index | archive | help
Hi All, I submitted this earlier to net-snmp bug tracking system, but it seems there is not much activity there as many cases are not assigned (no blame, as it's a free project), so I'm writing here in case somebody had experienced the same problem with latest net-snmp release. I've just upgraded from net-snmp 5.0.x to net-snmp 5.1 on FreeBSD/sparc64 and with snmpd.conf left unmodified from previous installation now I can't connect from a hosts specified in the config by hostname (as opposed to IP address). This is ONLY on FreeBSD/sparc64, however on FreeBSD/i386 works just fine. Below are some details (hostname and community names are bogus). root@CITADEL# uname -a FreeBSD CITADEL.EXAMPLE.COM 5.1-CURRENT FreeBSD 5.1-CURRENT #3: Tue Oct 7 00:09:05 CEST 2003 toor@CITADEL.EXAMPLE.COM:/extra/usr/obj/extra/usr/src/sys/CITADEL sparc64 root@CITADEL# cat snmpd.conf # # $Id:$ # syslocation "Test lab" syscontact "Ilya Varlashkin" sysservices 76 # # ACL # # name= source community com2sec me localhost MyVerySecure com2sec default default public group meRO v1 me group meRO v2c me group defaultRO v1 default group defaultRO v2c default # incl/excl subtree mask view all included .1 80 view contact included .iso.org.dod.internet.mgmt.mib-2.system.sysContact # Gname context model level prefix read write notif access meRO "" any noauth exact all none none access defaultRO "" any noauth exact contact none none root@CITADEL# snmpd -Le -D netsnmp_udp_getSecName -D netsnmp_udp_parse_security -f sysctl: physmem: Cannot allocate memory netsnmp_udp_parse_security: <"MyVerySecure", 0xffffffff/0xffffffff> => "me" netsnmp_udp_parse_security: <"public", 0x00000000/0x00000000> => "default" NET-SNMP version 5.1 Now from another terminal on the same host: iva@CITADEL$ snmpwalk -v 1 -c MyVerySecure localhost Timeout: No Response from localhost iva@CITADEL$ (This is expected as due to problem instead of localhost 127.0.0.1 community 'MyVerySecure' is bound to address 255.255.255.255) At the same time the daemon produces following log: Connection from 127.0.0.1 netsnmp_udp_getSecName: resolve <"MyVerySecure", 0x7f000001> netsnmp_udp_getSecName: compare <"MyVerySecure", 0xffffffff/0xffffffff>... nope netsnmp_udp_getSecName: compare <"public", 0x00000000/0x00000000>... nope (above group of messages repeated 5 more times) If I specify '127.0.0.1' instead of 'localhost' in the snmpd.conf then everything is fine, and on FreeBSD/i386 architecture this problem doesn't exist (tested with FreeBSD versions 4.8, 4.9 and 5.1). Could it be that net-snmp 5.1 requires some additional options in the kernel compare to 5.0.x or something needs to be tweaked in net-snmp itself? Let me know what additional information could help to resolve this problem. P.S.: By the way, during pre-build configuration, I see plenty of complains like tcpip.h found but can't be compiled (on both i386 and sparc64, though on intel it works after all but sparc has problems). Is it normal? Kind regards, Ilya Varlashkin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031126085546.GA59517>